Luciafer, You Clever Little Devil!


Luciafer gains access to the victim's computer by using the cracked password. What is the packet number of the response by the victim's system, saying that access is granted? >Submit the flag as: flag{#}.

NOTE: Use the packet response from her login, not from the password cracker.

Use the PCAP from Monstrum ex Machina


From the Release the Crackin'! challenge we know the login occurred over FTP and the password was darkangel. We apply a Wireshark filter for FTP in combination with a string search for the password:

The first identified packet with "PASS darkangel" is from the brute-force tool and second one (#159764) is Luciafer's login. The challenge specifically asks for the response packet, which would be the subsequent one after PASS.

The accepted flag was, flag{159765}



Leave a comment